With our ever increasing reliance on technology and the rapid pace at which new technologies, new websites, and applications are created, the amount of data at risk of security breach is only increasing.
A lot of security concerns that the general populous deals with today were developed in the 1990s - most notably denial of service attacks and phishing attacks. Denial of Service (DOS) attacks aim to overload a website with requests, to the point that it breaks down. There are a sleu of reasons someone might try to do this, including expression of anger / criticism, attempting to hurt competition, to make a threat or to punish, etc.. Whatever the reason, these attacks pose a huge threat to the operations of a business. Phishing attacks are when malicious people pose as a trusted source in an attempt to extract valuable information from unknowing victims. The driving reasons here are obvious - access to private information, and monetary gain.
With the rise in popularity of online applications, particularly those that store tons of user information (banks, social media, CRM sites), hacking / attacking / and scamming have only increased in frequency and scope. Perhaps the most daunting fact is that there are a lot of hackers that perform these attacks purely as a hobby, for fun. These people are highly intelligent and creative, and are always coming up with new ways to attack and scam. Because of this it is crucial to individuals and businesses alike to take measures to protect themselves.
Nowadays, companies have teams dedicated to the protection of their applications and the information they have stored. We've learned to write better code to prevent gaps or holes in the system. We are employing tools such as vulnerability scanners and penetration testing software to notify us of security concerns ahead of time. Input testing and password strength tools are also available. And, the general public is becomming better educated on how to identify phishing scams.
The Open Web Application Security Project is an organization dedicated to web application security. Founded in 2001 as a non-profit, comprised of corporations and individuals, OWASP provides resources to use to ensure that maximum security is acheived and best security practices are being followed.
All in all, I think it is clear that the world is taking necessary steps to curb hacking and malicious attacks. But, it seems that this will be an ongoing battle. There will always be highly skilled hackers out there dreaming up what they can hack next. There will always be criminals trying to profit, devising new ways and technologies to do so. I can only hope that the technology and skill level of the 'good' side can keep up.
Copyright: Gary Hammell 2014